Introduction

Product concerned: SNS 4.3.18-LTSB and higher

IMPORTANT
SNS version 4.8.1 introduces support for the BIRD v2 dynamic routing engine. If you wish to migrate your BIRD v1 configuration to BIRD v2, please refer to the Technical Note "Dynamic Routing: migrating a BIRD v1 configuration to BIRD v2".

The aim of this document is to guide the administrator of a Stormshield Network firewall in configuring and operating the embedded BIRD dynamic routing module.

To begin with, the configuration environment as well as the interaction modes with the routing engine will be described. Next, a simple typical configuration for the three routing protocols BGP, RIP & OSPF will be explained. These examples provide an opportunity for learning about the configuration structure of protocols, peripheral elements, filtering and status displays. The last section focuses on a more complex configuration.

Take note that BIRD offers multiple configuration options, especially for the exchange of routes between processes, their filters or a pseudo-virtualization of routing instances. These advanced elements are specific to BIRD and are not included in the scope of the document. Likewise, the use of BGP ROAs will not be covered but they are supported by BIRD.

Configuration via the web administration interface

Dynamic routing can be enabled or disabled in the Routing module of the web administration interface.

The Dynamic routing and Dynamic routing IPv6 (if IPv6 support has been enabled) tabs make it possible to edit configuration files bird.conf in IPv4 and bird6.conf in IPv6.

When the configuration is sent to the firewall, and if there are syntax errors, a message indicating the row containing an error will inform the user of the need to correct the configuration.

IMPORTANT
The previous configuration file will not be backed up before it has been modified. You are therefore advised to copy it (CTRL+A/CTRL+C), and paste it into a text editor in order to back up the file.

However, the interface editor does not allow access to Birdc and birdc6 interactive modes, which enable control over dynamic routing (testing the operation of a new configuration through a temporary configuration and viewing statuses).

Date	Description
July 9, 2024	Modification of the introduction: announcement of the end of support for BIRD v1, arrival of BIRD v2 from SNS 4.8.1 and link to the TNO for migrating from BIRD v1 to BIRD v2.
May 9, 2023	SNS 4.3.18 LTSB and higher. Simple configurations section modifed ([BGPAuth] section removed from the ConfigFiles/Bird/global configuration file)

Date

Description

July 9, 2024

Modification of the introduction: announcement of the end of support for BIRD v1, arrival of BIRD v2 from SNS 4.8.1 and link to the TNO for migrating from BIRD v1 to BIRD v2.

May 9, 2023

SNS 4.3.18 LTSB and higher.

Simple configurations section modifed ([BGPAuth] section removed from the ConfigFiles/Bird/global configuration file)